ClawHub

ClawEmail Admin

v1.0.1

Provision and manage @clawemail.com Google Workspace email accounts. Use when the user wants to create an email for their AI agent, check email availability, or manage existing ClawEmail accounts.

1· 1.5k·1 current·3 all-time
by@cto1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill requests a single CLAWEMAIL_API_KEY which is exactly the credential required to call the documented ClawEmail admin endpoints (create/list/suspend/delete). There are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
SKILL.md is instruction-only and confines actions to HTTPS calls to https://clawemail.com and to user-driven OAuth flows. However the instructions explicitly tell operators to capture and store temporary passwords and to exchange OAuth credentials — these are sensitive artifacts the agent will handle if used. The instructions do not ask the agent to read system files or other unrelated secrets.
Install Mechanism
No install spec or code is included (instruction-only), so nothing is written to disk or downloaded during install — lowest-risk install mechanism.
Credentials
Only one environment variable (CLAWEMAIL_API_KEY) is required and that is the expected admin credential for the documented REST endpoints. This is proportionate to the described functionality. Be aware this key grants account provisioning/deletion privileges on the provider side.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide configuration. It does not attempt to modify other skills or agent settings.
Assessment
This skill is internally coherent, but it talks to an external provider (https://clawemail.com) whose source/homepage is not included in the registry metadata. Before installing or exporting your CLAWEMAIL_API_KEY: 1) Verify the ClawEmail service and its owner (privacy, terms, support contact). 2) Treat CLAWEMAIL_API_KEY like a high-privilege credential — only store it in a trusted secrets manager, and avoid placing it in shared shells or logs. 3) Expect the skill (and anyone with the key) can create, suspend, or delete Workspace accounts; consider using a scoped/limited API key and rotate/revoke it when not needed. 4) The workflow returns temporary passwords and OAuth credentials — store/revoke those securely and audit created accounts. 5) If you cannot verify the provider, prefer the documented self-service signup flow (Stripe checkout) or manually create accounts rather than giving the API key to an agent. If you want higher confidence about this skill, ask the publisher for a homepage, documentation, or proof of ownership and a privacy/security policy.

Like a lobster shell, security has layers — review code before you run it.

latestvk973jfake5svj0ab0m0s44zcvx80mtk1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
EnvCLAWEMAIL_API_KEY
Primary envCLAWEMAIL_API_KEY

Comments